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I. REAL PARTY IN INTEREST (37 C.F.R. § 41.37(c)(l)(i)) 

The real party in interest in this appeal is Nokia Corporation, a corporation organized 
under the laws of Finland. 

II. RELATED APPEALS AND INTERFERENCES (37 C.F.R. § 41.37(c)(l)(ii)) 

There are no related appeals or interferences. 

III. STATUS OF CLAIMS (37 C.F.R. § 41.37(c)(l)(iii)) 

Claims 1, 4, 7, 10, 13-15, 20-21 and 24-29 are pending in this application. Claim 1, 4, 7, 
10, 13-15, 20-21 and 24-29 are rejected, and the rejection of claims 1, 4, 7, 10, 13-15, 20-21 and 
24-29 is being appealed. 

IV. STATUS OF AMENDMENTS (37 C.F.R. § 41.37(c)(l)(iv)) 

No amendment to the claims was filed after the final rejection, and therefore all 
amendments have been entered. 

V. SUMMARY OF CLAIMED SUBJECT MATTER (37 C.F.R. § 41.37(c)(l)(v)) 

Independent claim 1 is directed to a method that includes receiving a request for full 
authentication of a terminal. See specification page 9, lines 22-27. The method further includes 
transmitting to the terminal a reauthentication identity including a unique realm name uniquely 
identifying an authentication server in response to the request for full authentication. See 
specification page 10, lines 1-6. The method also includes receiving a request for 
reauthentication from the terminal, the request for reauthentication including the reauthentication 
identity including the unique realm name uniquely identifying the authentication server. See 
specification page 10, lines 16-19. In the method, the request for reauthentication is routed to the 
authentication server according to the unique realm name included in the request for 
reauthentication. See specification page 11, lines 3-14. 

Independent claim 4 is directed to an apparatus that includes means (23a, 23b) for 
receiving a request for full authentication of a terminal. See specification page 9, lines 22-27; 
Figure 2. The apparatus also includes means (23a) for transmitting to the terminal a 
reauthentication identity including a unique realm name uniquely identifying an authentication 
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server in response to the request for full authentication. See specification page 10, lines 1-6; 
Figure 2. The apparatus further includes means (21a) for receiving a request for reauthentication 
from the terminal, the request for reauthentication including the reauthentication identity 
including the unique realm name uniquely identifying the authentication server. See 
specification page 10, lines 16-19; Figure 2. The request for reauthentication is routed to the 
authentication server according to the unique realm name included in the request for 
reauthentication. See specification page 11, lines 3-14. 

Independent claim 10 is directed to a system that includes a first authentication server 
configured to receive a request for full authentication of a terminal. See specification page 9, 
lines 22-27. The first authentication server is configured to transmit to the terminal a 
reauthentication identity including a unique realm name uniquely identifying the first 
authentication server in response to the request for full authentication. See specification page 10, 
lines 1-6. The system also includes a second authentication server configured to receive a 
request for reauthentication from the terminal. See specification page 10, lines 16-19. The 
request for reauthentication including the reauthentication identity including the unique realm 
name identifying the first authentication server. See specification page 10, line 19. The second 
authentication server is configured to route the request for reauthentication to the first 
authentication server according to the unique realm name identifying the first authentication 
server. See specification page 11, lines 3-14. 

Independent claim 13 is directed to an apparatus that includes means (21a) for transmitting a 
request for full authentication to a first authentication server. See specification page 9, lines 22-27. 
The apparatus also includes means (22) for receiving from the first authentication server a 
reauthentication identity including a unique realm name uniquely indicating the first authentication 
server in response to the request for full authentication. See specification page 10, lines 1-6. The 
apparatus further includes means (22) for transmitting to a second authentication server a request for 
reauthentication using the reauthentication identity including the unique realm name. See 
specification page 10, lines 16-19; page 11, lines 3-14. 

Independent claim 15 is directed to an apparatus that includes a processor configured to 
receive a request for full authentication of a terminal. See specification page 9, lines 22-27. The 
processor of the apparatus is further configured to transmit to the terminal a reauthentication identity 
including a unique realm name uniquely identifying an authentication server in response to the 
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request for full authentication. See specification page 10, lines 1-6. The processor of the apparatus 
is also configured to receive a request for reauthentication from the terminal, the request for 
reauthentication including the reauthentication identity including the unique realm name uniquely 
identifying the authentication server. See specification page 10, lines 16-19. The request for 
reauthentication is routed according to the authentication server according to the unique realm name 
included in the request for reauthentication. See specification page 1 1, lines 3-14. 

Independent claim 20 is directed to an apparatus that includes a processor configured to 
transmit a request for full authentication to a first authentication server. See specification page 9, 
lines 22-27. The processor of the apparatus is further configured to receive from the first 
authentication server a reauthentication identity including a unique realm name uniquely indicating 
the first authentication server in response to the request for full authentication. See specification 
page 10, lines 1-6. The processor of the apparatus is also configured to transmit to a second 
authentication server a request for reauthentication using the reauthentication identity including the 
unique realm name. See specification page 10, lines 16-19. 

Independent claim 27 is directed to a method that includes transmitting a request for full 
authentication to a first authentication server. See specification page 9, lines 22-27. The method 
also includes receiving from the first authentication server a reauthentication identity identity 
including a unique realm name uniquely indicating the first authentication server in response to the 
request for full authentication. See specification page 10, lines 1-6. The method further includes 
transmitting to a second authentication server a request for reauthentication using the 
reauthentication identity including the unique realm name. See specification page 10, lines 16-19. 

VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL (37 CF.R. § 
41.37(c)(l)(vi)) 

Claims 1, 4, 7, 10, 13-15, 20-21 and 24-29 are rejected under 35 U.S.C. § 103(a) as 
unpatentable over O'Neill (U.S. Appl. Publ. No. 2003/0176188) in view of Westerdal (U.S. 
Appl. Publ. No. 2002/0133719). 

Claims 14 and 21 are rejected under 35 U.S.C. § 103(a) as unpatentable over O'Neill in 
view of Westerdal and Barriga-Caceres et al (U.S. Appl. Publ. No. 2003/0163733). 
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VII. ARGUMENT (37 C.F.R. § 41.37(c)(l)(vii)) 

Rejection Under 35 U.S.C. $ 103(a) in view of U.S. Awl. Publ. No. 2003/176188 and 
US. Awl. Publ. No. 2002/0133719 

Claim 1 

Appellant respectfully submits that claim 1 is not disclosed or suggested by the cited 
references, because the cited references fail to disclose or suggest all of the limitations recited in 
claim 1. The cited references, alone or in combination, at least fail to disclose or suggest 
transmitting a reauthentication identity to a terminal in response to a request for full 
authentication, as recited in claim 1 . 

The Office acknowledges on page 6 of the final Office Action of January 4, 201 1, that 
O'Neill does not disclose that the transmission to the terminal of the reauthentication identity is 
in response to a request for full authentication of the terminal, and relies upon Wester dal for this 
teaching. However, appellant respectfully submits that O'Neill also does not disclose or suggest 
transmitting to a terminal a reauthentication identity. Instead, O Neill only discloses that the 
mobile node may send an identity to the network, since message 550 is directed towards the 
Remote Home Agent 1 12 of the MN 202 in the home domain 1 102, but it is first sent to the 
access router 128 as message 550a and it is then sent to the remote home agent 1 12 as message 
550b. See O'Neill paragraph [0053]. The message 550 includes a network access identifier 
having a user part and a realm part, however the message 550 is sent towards the Remote Home 
Agent 1 12, and therefore is not transmitted to the terminal, as recited in claim 1 . It is understood 
that the Network Access Identifier (NAI) is a way of identifying users who request access to a 
network, and a user may provide the NAI to the network when first accessing a network. 
Therefore, appellant respectfully submits that O'Neill does not disclose or suggest that the 
terminal has a reauthentication identity transmitted to the terminal, as recited in claim 1 . For at 
least this reason, claim 1 is not disclosed or suggested by the cited references. 

Furthermore, applicant respectfully submits that Westerdal fails to make up for the 
deficiencies in the teachings of O Neill identified by the Office. Westerdal is directed to a 
system that facilitates sharing authentication information between a plurality of servers, a first 
server directs a client to communicate a first identity to an authentication server, so that the 
authentication server can attempt to associate the first identifier with a known client. See 
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Westerdal Abstract. However, Westerdal is completely silent regarding reauthentication. 
Furthermore, Westerdal does not disclose or suggest that a reauthentication identity includes a 
unique realm name uniquely identifying the authentication server, or that the request for 
reauthentication is routed to the authentication server according to the unique realm name 
included in the request for reauthentication, as recited in claim 1 . 

Instead, Figure 3 of Westerdal shows a process for associating client (102) with an 
authentication server cookie (107). In this process, client (102) sends an authentication identity 
(AID) to authentication server (112). If the authentication server (112) determines that a cookie 
contains a known authentication server identifier, then the client (102) is known to the 
authentication server (112). See Westerdal paragraph [0036]. However, if the cookie does not 
contain a known authentication server identifier, the authentication server (112) generates a new 
authentication server identifier for the client (102). See Westerdal paragraph [0037]. However, 
the cookies do not contain a unique realm name as recited in claim 1, and they are not 
transmitted in response to a request for full authentication. Accordingly, Westerdal fails to make 
up for the deficiencies in the teachings of O 'Neill identified by the Office. Therefore, for at least 
the reasons discussed above, claim 1 is not disclosed or suggested by the cited references. 

Claims 4. 10. 13. 15,20 and 27 

Independent claims 4, 10, 13, 15, 20 and 27 contain limitations similar to those recited in 
claim 1 . Therefore, for at least the reasons discussed above, claims 4, 10, 13, 15, 20 and 27 are 
not disclosed or suggested by the cited references. 

Claims 7. 24-26 and 28-29 

Dependent claims 7, 24-26 and 28-29 all ultimately depend from an independent claim. 
Therefore, the dependent claims are not disclosed or suggested by the cited references at least in 
view of their dependencies. 

Rejection Under 35 U.S.C. $ 103(a) in view of U.S. Appl. Publ. No. 2003/176188. U.S. Appl 
Publ No. 2002/0133719 and US. Awl Publ No. 2003/0163733 

Claims 14 and 21 
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Dependent claims 14 and 21 all ultimately depend from an independent claim. 
Therefore, the dependent claims are not disclosed or suggested by the cited references at least in 
view of their dependencies. 

Conclusion 

For the reasons discussed above, appellant respectfully submits that the rejections of the 
final Office Action have been shown to be inapplicable, and respectfully requests that the Board 
reverse the rejections of pending claims 1, 4, 7, 10, 13-15, 20-21 and 24-29. If any additional fee 
is required for submission of this Appeal Brief, the Commissioner is hereby authorized to charge 
Deposit Account No. 23-0442. 



Respectfully submitted, 



Date: g^jj 



Keith R. Obert 

Attorney for the Appellant 

Registration No. 58,051 



Ware, Fressola, Van Der Sluys 

& Adolphson LLP 
755 Main Street, P.O. Box 224 
Monroe, CT 06468 
Telephone: (203) 261-1234 
Facsimile: (203)261-5676 
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1. A method, comprising: 

receiving a request for full authentication of a terminal; 

transmitting to the terminal a reauthentication identity including a unique realm name 
uniquely identifying an authentication server in response to the request for full authentication; 
and 

receiving a request for reauthentication from the terminal, the request for reauthentication 
including the reauthentication identity including the unique realm name uniquely identifying the 
authentication server; 

wherein the request for reauthentication is routed to the authentication server according to the 
unique realm name included in the request for reauthentication. 



4. An apparatus, comprising: 

means for receiving a request for full authentication of a terminal; 

means for transmitting to the terminal a reauthentication identity including a unique 
realm name uniquely identifying an authentication server in response to the request for full 
authentication; and 

means for receiving a request for reauthentication from the terminal, the request for 
reauthentication including the reauthentication identity including the unique realm name 
uniquely identifying the authentication server; 

wherein the request for reauthentication is routed to the authentication server according to the 
unique realm name included in the request for reauthentication. 
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7. A computer program product comprising: a computer readable storage structure embodying 
computer program code thereon for execution by a computer processor in an authentication 
network element, wherein said computer program code includes instructions for performing a 
method according to claim 1 . 

10. A system, comprising: 

a first authentication server configured to receive a request for full authentication of a 
terminal, and configured to transmit to the terminal a reauthentication identity including a unique 
realm name uniquely identifying the first authentication server in response to the request for full 
authentication; and 

a second authentication server configured to receive a request for reauthentication from the 
terminal, the request for reauthentication including the reauthentication identity including the unique 
realm name identifying the first authentication server, and configured to route the request for 
reauthentication to the first authentication server according to the unique realm name identifying the 
first authentication server. 

13. An apparatus, comprising: 

means for transmitting a request for full authentication to a first authentication server; 

means for receiving from the first authentication server a reauthentication identity 
including a unique realm name uniquely indicating the first authentication server in response to 
the request for full authentication; and 

means for transmitting to a second authentication server a request for reauthentication 
using the reauthentication identity including the unique realm name. 
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14. The apparatus as in claim 13, wherein the means for transmitting to the second authentication 
server includes the reauthentication identity in an identity response packet according to an 
Extensible Authentication Protocol. 

15. An apparatus, comprising a processor configured to: 

receive a request for full authentication of a terminal; 

transmit to the terminal a reauthentication identity including a unique realm name 
uniquely identifying an authentication server in response to the request for full authentication; 
and 

receive a request for reauthentication from the terminal, the request for reauthentication 
including the reauthentication identity including the unique realm name uniquely identifying the 
authentication server; 

wherein the request for reauthentication is routed according to the authentication server 
according to the unique realm name included in the request for reauthentication. 

20. An apparatus, comprising a processor configured to: 

transmit a request for full authentication to a first authentication server; 

receive from the first authentication server a reauthentication identity including a unique 
realm name uniquely indicating the first authentication server in response to the request for full 
authentication; and 

transmit to a second authentication server a request for reauthentication using the 
reauthentication identity including the unique realm name. 
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21. The apparatus as in claim 20, wherein the processor is configured to include the reauthentication 
identity in an identity response packet according to an Extensible Authentication Protocol. 

24. The apparatus as in claim 4 3 wherein the apparatus comprises an authentication server. 

25. The apparatus as in claim 4, wherein the apparatus comprises a proxy server. 

26. The apparatus as in claim 4, wherein the apparatus comprises a service access point for 
authentication by the authentication server. 

27. A method, comprising: 

transmitting a request for full authentication to a first authentication server; 

receiving from the first authentication server a reauthentication identity identity including 
a unique realm name uniquely indicating the first authentication server in response to the request 
for full authentication; and 

transmitting to a second authentication server a request for reauthentication using the 
reauthentication identity including the unique realm name. 

28. A method as in claim 27, wherein the reauthentication identity is included in an identity 
response packet according to an Extensible Authentication Protocol. 

29. A computer program product comprising: a computer readable storage structure embodying 
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computer program code thereon for execution by a computer processor in a terminal, wherein said 
computer program code includes instructions for performing a method according to claim 27. 
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EVIDENCE APPENDIX 



None. 
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RELATED PROCEEDINGS APPENDIX 

None. 
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